Posted
by
Zonk
on Friday January 26, 2007 @04:18PM
from the keeping-anyone-else-from-being-you dept.

coondoggie handed us a link to a Network World article reporting that IBM plans to open source the project 'Identity Mixer'. Developed by a Zurich-based research lab for the company, Identity Mixer is a novel approach to protecting user identities online. The project, which is a piece of XML-based software, uses a type of digital certificate to control who has access to identity information in a web browser. IBM is enthusiastic about widespread adoption of this technology, and so plans to open source the project through the Eclipse Open Source Foundation. The company hopes this tactic will see the software's use in commercial, medical, and governmental settings.

If you open source something, you make your own patents unenforceable insofar as they apply to the thing in question. IBM is not capable of suing people for patent violation on software they distribute or allow others to distribute.

IBM's been like that for a long time. Remember when the PC division refused to sell the company's own operating system? (Of course, the PC division ended up being sold to a Chinese company, so I guess the OS/2 developers got the last laugh, but a bit too little too late.)

Big, diverse companies often seem to be going in several directions at once, and in this industry, pretty much nobody is bigger or more diverse than IBM (still).

yes of course if you know International Business Machines the you realize that they in their inventory (of past products) have servers that have been proven By Actual Troopsto be bullet proof (with actual bullets!!)

I've always been impressed with HP's engineering in their UNIX line of servers (can't speak to the PC based ones). I had a server (actually a B class workstation functioning as a server) several years ago that was knocked off a table onto the floor by the cleaning staff. Even after a 3 foot tumble, it never missed a beat. Never even rebooted. The only evidence was a little scuffing on the case. Nice stuff.

From what I read in the article (and I could be wrong, I admit), it sounds like people are simply controlling the amount of personal information that goes to the third party. So, I want to buy something, and only the pertinent information goes to the vendor.

How is this different from things that have been tried in the past? Furthermore, how is this different from the various other situations we hear about occurring at financial institutions and the like, where a database is inadvertently printed or plac

Today if you want to conduct virtually any kind of commerce over the Net, you have to provide a whole dossier of information about yourself. Whether this information is technically necessary or not is irrelevant -- if virtually all companies demand it, then individuals will have to provide it.So here's some technology that allows you to anonymize your data or just not send it in the first place; what is the incentive for businesses to adopt this technology (at great cost to them)? Perhaps in Europe it will

idemix [ibm.com] which is the software in question appears to be covered by a number of patent applications [uspto.gov] submitted by the inventor, Jan Camenisch. What's the point in open-sourcing it if IBM has half a dozen or more patents covering the technology being used? Or will this process grant use of any IBM-owned patents necessary to run the code? And if so, what happens as people start modifying the code; how far can they go and still be indemnified against IBM patent infringement?

Patents and open source don't mix well. I don't see how this is going to work.

IBM patents everything it can. If IBM doesn't patent something that they create, then another company will, and that company might not be friendly to open source developers. Most newer open source licenses include an explicit grant of patent rights which should eliminate most of these problems.

The project, which is a piece of XML-based software, uses a type of digital certificate
to control who has access to identity information in a web browser.

Well now, that certainly seems like a complicated way to deny all cookies, disable
the browser cache, block most "web bug" images, and have FireFox's "Clear Private Data"
tool set to purge everything on closing the browser.

All these companies trying to make it "easier" for me to share my info with those who
I "trust" have completely missed the point